Hi Norman, Make sure the Interscan already running on port 80. Go to the http://x.x.x.x:1812/httpscan.cgi and check the "InterScan HTTP Proxy port (connects to browser)" value. And check whether your Interscan already started or not http://x.x.x.x:1812/isswitch.cgi
Actually, you may test from your browser client by passing squid. Simply configure you client browser to your proxy IP Address with the Interscan port (80). If this doesn't work then your interscan is not running. Regards, herman -----Original Message----- From: Norman Zhang [mailto:[EMAIL PROTECTED] Sent: Thursday, May 06, 2004 6:05 AM To: [EMAIL PROTECTED] Cc: Herman (ISTD) Subject: [squid-users] Re: VirusWall and Squid ACL Hi Herman, Herman (ISTD) wrote: > I have installed Interscan Viruswall and Squid on the same box. It > worked perfectly though in Trial version, automatic virus pattern update > cannot work. My squid is running on 3128 port, and my Interscan is > running on 80 port. Just redirect squid request to Interscan using > cache_peer 127.0.0.1 parent 80 7 default no-query. Make sure httpd is > not running on port 80. I addeded cache_peer 127.0.0.1 parent 80 7 default no-query to /etc/squid/squid.conf and specify VirusWall to use Original HTTP server location: Other (server and port): 127.0.0.1 80 but I'm seeing the following error in /var/log/squid/cache.log 2004/05/05 15:51:41| Detected REVIVED Parent: 127.0.0.1/80/7 2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed 2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed 2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed 2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed 2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed 2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed 2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed 2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed 2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed 2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed 2004/05/05 15:54:23| Detected DEAD Parent: 127.0.0.1/80/7 My /etc/squid/squid.conf is as follows. May I ask what am I doing wrong? Regards, Norman cache_mgr [EMAIL PROTECTED] hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY cache_mem 16 MB cache_dir ufs /var/spool/squid 200 16 256 cache_peer 127.0.0.1 parent 80 7 default no-query ftp_user [EMAIL PROTECTED] auth_param ntlm program /usr/lib/squid/wb_ntlmauth auth_param ntlm children 5 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes external_acl_type NT_global_group %LOGIN /usr/lib/squid/wb_group acl ProxyUsers external NT_global_group ProxyUsers acl authusrs proxy_auth REQUIRED acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl webmin port 10000 20000 # webmin, usermin acl CONNECT method CONNECT acl localnet dst 192.168.11.0/26 192.168.22.0/25 acl arkonweb dst 207.34.136.4 207.34.136.5 207.34.136.7 acl pdfgrab browser WebCapture acl realplay browser RealMedia acl ssread browser SSDOWNLOAD acl ssread browser SSREADER http_access allow manager localhost http_access deny manager http_access allow CONNECT webmin http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localnet http_access allow arkonweb http_access allow pdfgrab http_access allow realplay http_access allow ssread http_access allow authusrs ProxyUsers http_access allow localhost http_access deny all icp_access allow all >>-----Original Message----- >>From: Norman Zhang [mailto:[EMAIL PROTECTED] >>Sent: Tuesday, May 04, 2004 9:11 AM >>To: [EMAIL PROTECTED] >>Subject: [squid-users] VirusWall and Squid ACL >> >>TrendMicro recommends that I need to setup 2 Squid Proxies with >>VirusWall in order for it to work with Squid's ACL mechanism >>(http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionID=8496 ). >>Client ---> Proxy#1 (Squid) ---> InterScan VirusWall ---> Proxy#2 ---> >>Internet >> >>But searching the archives, it looks like users are able to use >>VirusWall with just 1 Squid Proxy Server on the same box. May I ask >>what's which setup should I go for? I'm using squid-2.5.STABLE2-2mdk >>and Interscan VirusWall 3.81.
